On Monday, April 14th, 2025 at 10:03 AM, Janne Johansson <icepic...@gmail.com>
wrote:
> > The problem at hand is how to define the macros ext_if and int_if for a
> > system with multiple interfaces.
> > Neither pf.conf(5) nor "the book of PF" give a working example where the
> > macro holds more than one name.
> >
> > This is the only existing example of relevant syntax in pf.conf(5):
> >
> > > ext_if = "kue0"
> > > all_ifs = "{" $ext_if lo0 "}"
> > > pass out on $ext_if from any to any
> > > pass in on $ext_if proto tcp from any to any port 25
> >
> > Note that all_ifs is not used, so we do not know whether $all_ifs,
> > <all_ifs> or plain all_ifs is correct.
>
> $all_ifs
This is what happens when I call that variable from an anchor:
> doas pfctl -nf /etc/pf.conf
/etc/pf.anchors/ian:18: macro 'ext_if' not defined
/etc/pf.anchors/ian:18: syntax error
